Bitcoin Core Developer Discloses Critical Vulnerability in Bitcoin Cash

bitcoin security concept. Gold coin with padlock.

A Bitcoin Core developer is the anonymous source of a critical bug report which may have irreparably damaged Bitcoin Cash had the wrong eyes seen it.

Cory Fields was only doing his job when he decided to investigate what he thought was a strange alteration in Bitcoin Cash’s code.

In a matter of minutes, Fields stumbled upon the bug he suspected and immediately noticed that it was critical. The vulnerability could be exploited to split the Bitcoin Cash blockchain into two, damaging the cryptocurrency irreparably.

It was only a matter of time before the vulnerability would be discovered and exploited by malicious actors, so he had little choice but to report it anonymously.

The fact that Fields is a Bitcoin Core developer didn’t stop him from helping out one of their fiercest rivals, Bitcoin Cash. Though the latter cryptocurrency came from a fork from the main Bitcoin code, the proponents of each side rarely see eye-to-eye.

Bitcoin Cash claims technical superiority over the pioneer cryptocurrency and despite climbing to the top of the list at one point, it remains dwarfed by Bitcoin Core, which is more than 10 times its size.

Fields’ decision to notify the Bitcoin Cash dev team as soon as possible might have saved the cryptocurrency from inevitable demise.

While supporters of the polarized camps may have some harsh words for each other following this act of goodwill from the developer, the move was applauded by big names in the crypto industry.


Fields believes that the bug would have had dire effects on the rival cryptocurrency had it not been reported in time.

Labeled “SIGHASH_BUG,” the vulnerability was capable of splitting the Bitcoin Cash blockchain into two chains which would be wholly incompatible with each other.

It would have taken much too long for the two dev teams to reconcile their conflicts, meet and resolve the issue, which is part of the reason why Fields decided to send the bug report anonymously.

Right from the start, there were no easy decisions for the developer to make. The bug was in open-source software and so the pressure to report it before any malicious actors could exploit it was real.

In a later blog post on Medium, Fields revealed that he chose to report the bug anonymously out of concern for his safety more than anything.

Had it been successfully exploited before the Bitcoin Cash dev team could patch it up, billions of dollars would have been lost and he would have been right in the middle of the scandal.

The bug was later fixed in May, as reported by Bitcoin Cash’s software implementation Bitcoin ABC, which also stated that several actions need to be taken to avoid such a scenario in the future.

One of the preventative measures to be implemented may be the scheduling of regular bug bounty competitions.

Selfless and Responsible

Smartphone with Bitcoin Cash growth chart on-screen among piles of golden Bitcoin Cash coins. BCC/BCH growth concept.

Cory Fields was only doing his job when he decided to investigate what he thought was a strange alteration in Bitcoin Cash’s code.

A lot of positive feedback followed the discovery of Fields’ exploits. Vinny Lingham, the CEO of identity protection platform Civic, was particularly pleased with Fields’ actions, writing in a tweet that responsible behavior and ethics that are maintained despite conflicting ideological beliefs deserve to be commended.

These sentiments were shared by Ethereum CEO Vitalik Buterin, who retweeted Lingham’s message.

Even though a lot of friction is still present between the two dev teams, Fields’ decision to help a rival from certain doom shows that some things are more important than others.

Comments (No)

Leave a Reply